As part of my evaluation, I look for cer¬tification from independent antivirus testing labs, including AV-Comparatives, AV-Test, ICSA Labs, Virus Bulletin, and West Coast Labs. Almost all the security suites obtain certification for virus detec¬tion, and most pass the virus removal tests. In addition, AV-Comparatives tests a product's ability to detect malicious software proactively without using a sig¬nature database.
I also look at when a security prod¬uct scans for viruses. In theory, you'd be fully protected if your antivirus simply scanned every file before allowing it to launch. In practice, however, I expect an AV program to scan files on demand, on schedule, and upon access.

Many suites draw no distinction between antivirus and antispyware oper¬ations. Instead of separating these func¬tions into different modules, they have a single on-demand scanner and a single set of real-time protective elements.
Either way, this type of protection should block any malicious software that tries to invade your system. A product must also be able to clean up an infested system-a tougher task, since the entrenched malware can fight back.

On tests, I give a suite full credit for removal if it gets rid of all executable files associated with a threat, even if data files and Registry items are left behind. If the utility detects the threat but fails to remove it, I give half credit. Likewise, a suite that completely prevents installation of all executable files gets full credit for blocking that threat; if it tries and fails, half credit.

Name: Viruses, Trojans, and Worms.jpg Views: 33 Size: 21.1 KB

In this latest round of testing, Panda Internet Security 2008 did something unprecedented for any of these prod¬ucts-it chalked up a perfect 10 of 10 points for both malware removal and malware blocking. The software's "mega¬detection" technology really seems to work.

Because today's profit-driven malware writers crank out new and different mutations at an alarming rate, signature based protection is no longer enough to keep your system safe. Most modern suites include non-signature features ranging from detection of similar files to full behavior-based monitoring.